IT Security & Privacy

Italy’s Personal Data Protection Authority (Garante) has launched an investigation into Lusha Systems, a US-based company that’s no stranger to controversy in the world of online data. Known for selling “enriched” contact details, including email addresses and phone numbers, Lusha’s services are accessible to users in Italy, though it seems some of the data within its platform might not be as straightforward as one would hope.

In March 2025, Oracle faced two major breaches, with its Cloud system exposing millions of records and its Health platform compromising patient data due to unpatched legacy servers exploited since January. The company’s delayed notifications and lack of transparency, despite allegedly knowing about the issues by February, have drawn sharp criticism and fueled distrust. The breaches have sparked widespread concern, prompting heightened oversight and discussions among key regulatory bodies.

X, the social media platform formerly known as Twitter, has always been a breeding ground for debates, discussions, and, lately, a fair amount of drama. Elon Musk, ever the spokesperson for the platform, recently warned about hackers trying to infiltrate the site. But it’s one thing to worry about abstract threats and quite another to find out that your personal data might be at risk because of a real and massive breach.

The Autorité de la concurrence, France’s competition watchdog, has slapped Apple with a hefty €150 million fine. The reason? Apple’s handling of its App Tracking Transparency (ATT) framework, which the French authority argues unfairly tipped the scales in favor of Apple, harming smaller players in the digital ecosystem.

South Korea’s Personal Information Protection Commission (PIPC) has hit Woori Card with a massive fine of KRW 13.45 billion (roughly $9.1 million) following a major data breach. This decision comes alongside a set of corrective measures designed to overhaul the company’s data management practices, including stricter access controls, better employee training, and tighter oversight of personal information handling.

Advanced Computer Software Group Ltd (Advanced) has been slapped with a £3.07 million fine following a ransomware attack that compromised the personal data of 79,404 individuals. The fine comes after the company’s health and care subsidiary failed to implement sufficient security measures, leaving their systems vulnerable to a cyberattack that had widespread repercussions for critical healthcare services.

MORSE Corp, a defense contractor based in Cambridge, Massachusetts, has agreed to pay $4.6 million to settle allegations related to cybersecurity failures in its contracts with the U.S. Army and Air Force. The settlement comes after claims that the company submitted false payment requests despite knowing it had not met the necessary cybersecurity standards required by these contracts.